Linux networking “jail” for a single processWhen you said "make sure it does not try to connect to certain hosts/ports using tcp/udp connections" did you mean outgoing traffic? A rule in the OUTPUT chain should be sufficient to block that.